build-langchain-ts-app

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly includes web/document ingestion in its required workflows—e.g., the recommended production pattern defines a "web_search" tool ("Search the web for current information") and the SKILL.md decision tree and references/rag.md describe document loaders and RAG pipelines that inject public web or document content into the agent's context, meaning untrusted third‑party content is fetched and can influence tool use and decisions.